CCNP Security (CCSP)

642-637 SECURE v1.0

Pre-Production Design

  • Choose Cisco IOS technologies to implement HLD
  • Choose Cisco products to implement HLD
  • Choose Cisco IOS features to implement HLD 2
  • Integrate Cisco network security solutions with other security technologies
  • Create and test initial Cisco IOS configurations for new devices/services
  • Configure and verify ASA VPN feature configurations

Complex Operations Support

  • Optimize Cisco IOS security infrastructure device performance
  • Create complex network security rules to meet the security policy requirements
  • Optimize security functions, rules, and configuration
  • Configure & verify Classic IOS Firewall and NAT to dynamically mitigate identified threats to the network
  • Configure & verify IOS Zone Based Firewalls including advanced application inspections and URL filtering
  • Configure & verify the IPS features to identify threats and dynamically block them from entering the network
  • Maintain, update and tune IPS signatures
  • Configure & verify IOS VPN features
  • Configure & verify Layer 2 and Layer 3 security features

Advanced Troubleshooting

  • Advanced Cisco IOS security software configuraiton fault finding and repairing
  • Advanced Cisco routers and switches hardware fault finding and repairing

642-617 Firewall V 1.0

Pre-Production Design

  • Choose ASA Perimeter Security technologies/features to implement HLD based on given security requirements
  • Choose the correct ASA model to implement HLD based on given performance requirements
  • Create and test initial ASA appliance configurations using CLI
  • Determine which ASA licenses will be required based on given requirements

Complex Operations Support

  • Optimize ASA Perimeter Security features performance, functions, and configurations
  • Create complex ASA security perimeter policies such as ACLs, NAT/PAT, L3/L4/L7 stateful inspections, QoS policies, cut-thru proxy, threat detection, botnet detection/filter using CLI and/or ASDM
  • Perform initial setup on the AIP-SSM and CSC-SSM using CLI and/or ASDM
  • Configure, verify and troubleshoot High Availability ASAs (A/S and A/A FO) operations using CLI and/or ASDM
  • Configure, verify and troubleshoot static routing and dynamic routing protocols on the ASA using CLI and/or ASDM
  • Configure, verify and troubleshoot ASA transparent firewall operations using CLI
  • Configure, verify and troubleshoot management access/protocols on the ASA using CLI and/or ASDM

Describe Advanced Troubleshooting

  • Advanced ASA security perimeter configuraiton/software/hardware troubleshooting using CLI and/or ASD fault finding and repairing

642-627 IPS v7.0

Pre-Production Design

  • Choose Cisco IPS technologies to implement HLD
  • Choose Cisco products to implement HLD
  • Choose Cisco IPS features to implement HLD
  • Integrate Cisco network security solutions with other security technologies
  • Create and test initial Cisco IPS configurations for new devices/services

Complex Support Operations

  • Optimize Cisco IPS security infrastructure device performance
  • Create complex network security rules, to meet the security policy requirements
  • Configure and verify the IPS features to identify threats and dynamically block them from entering the network
  • Maintain, update and tune IPS signatures
  • Use CSM and MARS for IPS management, deployment, and advanced event correlation
  • Optimize security functions, rules, and configuration

Advanced Troubleshooting

  • Advanced Cisco IPS security software configuraiton fault finding and repairing
  • Advanced Cisco IPS sensor and module hardware fault finding and repairing

642-647 VPN v1.0

Pre-Production Design

  • Choose ASA VPN technologies to implement HLD based on given requirements
  • Choose the correct ASA model and license to implement HLD based on given performance requirements
  • Choose the correct ASA VPN features to implement HLD based on given corporate security policy and network requirements
  • Integrate ASA VPN solutions with other security technology domains (CSD, ACS, Device managers, Cert servers, etc.)

Complex Operations Support

  • Optimize ASA VPN performance, functions, and configurations
  • Configure and verify complex ASA VPN networks using features such as DAP, CSD, Smart tunnels, Anyconnect SSLVPN, Clientless SSLVPN, Site-to-Site VPN, RA VPN, certificates, QOS, etc. to meet security policy requirements
  • Create complex ASA network security rules using such features as ACLs, DAP, VPN profiles, certificates, MPF, etc, to meet the corporate security policy

Advanced Troubleshooting

  • Perform advanced ASA VPN configuration and troubleshooting
Chat Icon